Add API hook for logging risk assessment completion

Requested by Jonny

.travis.yml

@@ -4,10 +4,10 @@ python:
 cache: pip
 
 addons:
-  chrome: beta
+  chrome: stable
 
 install:
-  - wget http://chromedriver.storage.googleapis.com/2.32/chromedriver_linux64.zip
+  - wget https://chromedriver.storage.googleapis.com/2.36/chromedriver_linux64.zip
   - unzip chromedriver_linux64.zip
   - export PATH=$PATH:$(pwd)
   - chmod +x chromedriver

Dockerfile

@@ -0,0 +1,12 @@
+FROM python:3.6
+
+WORKDIR /app
+
+ADD . /app
+
+RUN pip install -r requirements.txt && \
+        python manage.py collectstatic --noinput
+
+EXPOSE 8000
+
+CMD ["python", "manage.py", "runserver", "0.0.0.0:8000"]

PyRIGS/decorators.py

@@ -1,7 +1,7 @@
 from django.contrib.auth import REDIRECT_FIELD_NAME
 from django.shortcuts import render
 from django.http import HttpResponseRedirect
-from django.core.urlresolvers import reverse
+from django.urls import reverse
 
 from RIGS import models
 
@@ -23,7 +23,7 @@ def user_passes_test_with_403(test_func, login_url=None, oembed_view=None):
         def _checklogin(request, *args, **kwargs):
             if test_func(request.user):
                 return view_func(request, *args, **kwargs)
-            elif not request.user.is_authenticated():
+            elif not request.user.is_authenticated:
                 if oembed_view is not None:
                     context = {}
                     context['oembed_url'] = "{0}://{1}{2}".format(request.scheme, request.META['HTTP_HOST'], reverse(oembed_view, kwargs=kwargs))

PyRIGS/settings.py

@@ -11,6 +11,7 @@ https://docs.djangoproject.com/en/1.7/ref/settings/
 # Build paths inside the project like this: os.path.join(BASE_DIR, ...)
 import os
 import raven
+import secrets
 
 BASE_DIR = os.path.dirname(os.path.dirname(__file__))
 
@@ -35,6 +36,7 @@ if STAGING:
 if DEBUG:
     ALLOWED_HOSTS.append('localhost')
     ALLOWED_HOSTS.append('example.com')
+    ALLOWED_HOSTS.append('127.0.0.1')
 
 SECURE_PROXY_SSL_HEADER = ('HTTP_X_FORWARDED_PROTO', 'https')
 if not DEBUG:
@@ -65,7 +67,7 @@ INSTALLED_APPS = (
     'raven.contrib.django.raven_compat',
 )
 
-MIDDLEWARE_CLASSES = (
+MIDDLEWARE = (
     'raven.contrib.django.raven_compat.middleware.SentryResponseErrorIdMiddleware',
     'django.middleware.security.SecurityMiddleware',
     'debug_toolbar.middleware.DebugToolbarMiddleware',
@@ -74,7 +76,6 @@ MIDDLEWARE_CLASSES = (
     'django.middleware.common.CommonMiddleware',
     'django.middleware.csrf.CsrfViewMiddleware',
     'django.contrib.auth.middleware.AuthenticationMiddleware',
-    'django.contrib.auth.middleware.SessionAuthenticationMiddleware',
     'django.contrib.messages.middleware.MessageMiddleware',
     'django.middleware.clickjacking.XFrameOptionsMiddleware',
 )
@@ -162,8 +163,8 @@ LOGOUT_URL = '/user/logout/'
 ACCOUNT_ACTIVATION_DAYS = 7
 
 # reCAPTCHA settings
-RECAPTCHA_PUBLIC_KEY = os.environ.get('RECAPTCHA_PUBLIC_KEY', None)
+RECAPTCHA_PUBLIC_KEY = os.environ.get('RECAPTCHA_PUBLIC_KEY', "6LeIxAcTAAAAAJcZVRqyHh71UMIEGNQ_MXjiZKhI")  # If not set, use development key
-RECAPTCHA_PRIVATE_KEY = os.environ.get('RECAPTCHA_PRIVATE_KEY', None)
+RECAPTCHA_PRIVATE_KEY = os.environ.get('RECAPTCHA_PRIVATE_KEY', "6LeIxAcTAAAAAGG-vFI1TnRWxMZNFuojJ4WifJWe")  # If not set, use development key
 NOCAPTCHA = True
 
 # Email
@@ -233,3 +234,7 @@ USE_GRAVATAR = True
 
 TERMS_OF_HIRE_URL = "http://www.nottinghamtec.co.uk/terms.pdf"
 AUTHORISATION_NOTIFICATION_ADDRESS = 'productions@nottinghamtec.co.uk'
+RISK_ASSESSMENT_URL = os.environ.get('RISK_ASSESSMENT_URL') if os.environ.get(
+    'RISK_ASSESSMENT_URL') else "http://example.com"
+RISK_ASSESSMENT_SECRET = os.environ.get('RISK_ASSESSMENT_SECRET') if os.environ.get(
+    'RISK_ASSESSMENT_SECRET') else secrets.token_hex(15)

PyRIGS/urls.py

@@ -17,7 +17,7 @@ urlpatterns = [
     url('^user/', include('django.contrib.auth.urls')),
     url('^user/', include('registration.backends.default.urls')),
 
-    url(r'^admin/', include(admin.site.urls)),
+    url(r'^admin/', admin.site.urls),
 ]
 
 if settings.DEBUG:

README.md

@@ -77,6 +77,13 @@ python manage.py runserver
 ```
 Please refer to Django documentation for a full list of options available here.
 
+### Development using docker
+
+```
+docker build . -t pyrigs
+docker run -it --rm -p=8000:8000 -v $(pwd):/app pyrigs
+```
+
 ### Sample Data ###
 Sample data is available to aid local development and user acceptance testing. To load this data into your local database, first ensure the database is empty:
 ```

RIGS/finance.py

@@ -2,7 +2,7 @@ import datetime
 import re
 
 from django.contrib import messages
-from django.core.urlresolvers import reverse_lazy
+from django.urls import reverse_lazy
 from django.http import Http404, HttpResponseRedirect
 from django.http import HttpResponse
 from django.shortcuts import get_object_or_404

RIGS/forms.py

@@ -33,7 +33,12 @@ class ProfileRegistrationFormUniqueEmail(RegistrationFormUniqueEmail):
         return self.cleaned_data['initials']
 
 
-# Login form
+# Embedded Login form - remove the autofocus
+class EmbeddedAuthenticationForm(AuthenticationForm):
+    def __init__(self, *args, **kwargs):
+        super().__init__(*args, **kwargs)
+        self.fields['username'].widget.attrs.pop('autofocus', None)
+
 class PasswordReset(PasswordResetForm):
     captcha = ReCaptchaField(label='Captcha')
 

RIGS/ical.py

@@ -1,7 +1,7 @@
 from RIGS import models, forms
 from django_ical.views import ICalFeed
 from django.db.models import Q
-from django.core.urlresolvers import reverse_lazy, reverse, NoReverseMatch
+from django.urls import reverse_lazy, reverse, NoReverseMatch
 from django.utils import timezone
 from django.conf import settings
 

RIGS/migrations/0002_modelcomment_person.py

@@ -18,7 +18,7 @@ class Migration(migrations.Migration):
                 ('id', models.AutoField(verbose_name='ID', serialize=False, auto_created=True, primary_key=True)),
                 ('postedAt', models.DateTimeField(auto_now=True)),
                 ('message', models.TextField()),
-                ('user', models.ForeignKey(to=settings.AUTH_USER_MODEL)),
+                ('user', models.ForeignKey(to=settings.AUTH_USER_MODEL, on_delete=models.CASCADE)),
             ],
             options={
             },

RIGS/migrations/0008_auto_20141105_1908.py

@@ -33,11 +33,11 @@ class Migration(migrations.Migration):
                 ('payment_method', models.CharField(blank=True, null=True, max_length=255)),
                 ('payment_received', models.CharField(blank=True, null=True, max_length=255)),
                 ('purchase_order', models.CharField(blank=True, null=True, max_length=255)),
-                ('based_on', models.ForeignKey(to='RIGS.Event', related_name='future_events')),
+                ('based_on', models.ForeignKey(to='RIGS.Event', related_name='future_events', on_delete=models.CASCADE)),
-                ('checked_in_by', models.ForeignKey(to=settings.AUTH_USER_MODEL, related_name='event_checked_in')),
+                ('checked_in_by', models.ForeignKey(to=settings.AUTH_USER_MODEL, related_name='event_checked_in', on_delete=models.CASCADE)),
-                ('mic', models.ForeignKey(to=settings.AUTH_USER_MODEL, related_name='event_mic')),
+                ('mic', models.ForeignKey(to=settings.AUTH_USER_MODEL, related_name='event_mic', on_delete=models.CASCADE)),
-                ('organisation', models.ForeignKey(to='RIGS.Organisation')),
+                ('organisation', models.ForeignKey(to='RIGS.Organisation', on_delete=models.CASCADE)),
-                ('person', models.ForeignKey(to='RIGS.Person')),
+                ('person', models.ForeignKey(to='RIGS.Person', on_delete=models.CASCADE)),
             ],
             options={
             },
@@ -52,7 +52,7 @@ class Migration(migrations.Migration):
                 ('quantity', models.IntegerField()),
                 ('cost', models.DecimalField(max_digits=10, decimal_places=2)),
                 ('order', models.IntegerField()),
-                ('event', models.ForeignKey(to='RIGS.Event', related_name='item')),
+                ('event', models.ForeignKey(to='RIGS.Event', related_name='item', on_delete=models.CASCADE)),
             ],
             options={
             },
@@ -75,7 +75,7 @@ class Migration(migrations.Migration):
         migrations.AddField(
             model_name='event',
             name='venue',
-            field=models.ForeignKey(to='RIGS.Venue'),
+            field=models.ForeignKey(to='RIGS.Venue', on_delete=models.CASCADE),
             preserve_default=True,
         ),
     ]

RIGS/migrations/0009_auto_20141105_1916.py

@@ -14,26 +14,26 @@ class Migration(migrations.Migration):
         migrations.AlterField(
             model_name='event',
             name='based_on',
-            field=models.ForeignKey(to='RIGS.Event', related_name='future_events', blank=True, null=True),
+            field=models.ForeignKey(to='RIGS.Event', related_name='future_events', blank=True, null=True, on_delete=models.CASCADE),
             preserve_default=True,
         ),
         migrations.AlterField(
             model_name='event',
             name='checked_in_by',
             field=models.ForeignKey(to=settings.AUTH_USER_MODEL, related_name='event_checked_in', blank=True,
-                                    null=True),
+                                    null=True, on_delete=models.CASCADE),
             preserve_default=True,
         ),
         migrations.AlterField(
             model_name='event',
             name='mic',
-            field=models.ForeignKey(to=settings.AUTH_USER_MODEL, related_name='event_mic', blank=True, null=True),
+            field=models.ForeignKey(to=settings.AUTH_USER_MODEL, related_name='event_mic', blank=True, null=True, on_delete=models.CASCADE),
             preserve_default=True,
         ),
         migrations.AlterField(
             model_name='event',
             name='organisation',
-            field=models.ForeignKey(to='RIGS.Organisation', blank=True, null=True),
+            field=models.ForeignKey(to='RIGS.Organisation', blank=True, null=True, on_delete=models.CASCADE),
             preserve_default=True,
         ),
         migrations.AlterField(

RIGS/migrations/0010_auto_20141105_2219.py

@@ -19,8 +19,8 @@ class Migration(migrations.Migration):
                 ('run', models.BooleanField(default=False)),
                 ('derig', models.BooleanField(default=False)),
                 ('notes', models.TextField(blank=True, null=True)),
-                ('event', models.ForeignKey(related_name='crew', to='RIGS.Event')),
+                ('event', models.ForeignKey(related_name='crew', to='RIGS.Event', on_delete=models.CASCADE)),
-                ('user', models.ForeignKey(to=settings.AUTH_USER_MODEL)),
+                ('user', models.ForeignKey(to=settings.AUTH_USER_MODEL, on_delete=models.CASCADE)),
             ],
             options={
             },
@@ -35,7 +35,7 @@ class Migration(migrations.Migration):
         migrations.AlterField(
             model_name='eventitem',
             name='event',
-            field=models.ForeignKey(related_name='items', to='RIGS.Event'),
+            field=models.ForeignKey(related_name='items', to='RIGS.Event', on_delete=models.CASCADE),
             preserve_default=True,
         ),
     ]

RIGS/migrations/0013_auto_20141202_0041.py

@@ -14,7 +14,7 @@ class Migration(migrations.Migration):
         migrations.AlterField(
             model_name='event',
             name='person',
-            field=models.ForeignKey(blank=True, null=True, to='RIGS.Person'),
+            field=models.ForeignKey(blank=True, null=True, to='RIGS.Person', on_delete=models.CASCADE),
             preserve_default=True,
         ),
     ]

RIGS/migrations/0014_auto_20141208_0220.py

@@ -14,13 +14,13 @@ class Migration(migrations.Migration):
         migrations.AlterField(
             model_name='event',
             name='venue',
-            field=models.ForeignKey(blank=True, to='RIGS.Venue', null=True),
+            field=models.ForeignKey(blank=True, to='RIGS.Venue', null=True, on_delete=models.CASCADE),
             preserve_default=True,
         ),
         migrations.AlterField(
             model_name='eventitem',
             name='event',
-            field=models.ForeignKey(related_name='items', blank=True, to='RIGS.Event'),
+            field=models.ForeignKey(related_name='items', blank=True, to='RIGS.Event', on_delete=models.CASCADE),
             preserve_default=True,
         ),
     ]

RIGS/migrations/0016_auto_20150127_1905.py

@@ -18,7 +18,7 @@ class Migration(migrations.Migration):
                 ('id', models.AutoField(verbose_name='ID', serialize=False, auto_created=True, primary_key=True)),
                 ('invoice_date', models.DateField(auto_now_add=True)),
                 ('void', models.BooleanField()),
-                ('event', models.OneToOneField(to='RIGS.Event')),
+                ('event', models.OneToOneField(to='RIGS.Event', on_delete=models.CASCADE)),
             ],
             options={
             },
@@ -31,7 +31,7 @@ class Migration(migrations.Migration):
                 ('date', models.DateField()),
                 ('amount', models.DecimalField(help_text=b'Please use ex. VAT', max_digits=10, decimal_places=2)),
                 ('method', models.CharField(max_length=2, choices=[(b'C', b'Cash'), (b'I', b'Internal'), (b'E', b'External'), (b'SU', b'SU Core'), (b'M', b'Members')])),
-                ('invoice', models.ForeignKey(to='RIGS.Invoice')),
+                ('invoice', models.ForeignKey(to='RIGS.Invoice', on_delete=models.CASCADE)),
             ],
             options={
             },
@@ -40,7 +40,7 @@ class Migration(migrations.Migration):
         migrations.AlterField(
             model_name='event',
             name='mic',
-            field=models.ForeignKey(related_name='event_mic', verbose_name=b'MIC', blank=True, to=settings.AUTH_USER_MODEL, null=True),
+            field=models.ForeignKey(related_name='event_mic', verbose_name=b'MIC', blank=True, to=settings.AUTH_USER_MODEL, null=True, on_delete=models.CASCADE),
             preserve_default=True,
         ),
     ]

RIGS/migrations/0025_eventauthorisation.py

@@ -21,7 +21,7 @@ class Migration(migrations.Migration):
                 ('account_code', models.CharField(max_length=50, null=True, blank=True)),
                 ('amount', models.DecimalField(verbose_name=b'authorisation amount', max_digits=10, decimal_places=2)),
                 ('created_at', models.DateTimeField(auto_now_add=True)),
-                ('event', models.ForeignKey(related_name='authroisations', to='RIGS.Event')),
+                ('event', models.ForeignKey(related_name='authroisations', to='RIGS.Event', on_delete=models.CASCADE)),
             ],
         ),
     ]

RIGS/migrations/0027_eventauthorisation_event_singular.py

@@ -14,6 +14,6 @@ class Migration(migrations.Migration):
         migrations.AlterField(
             model_name='eventauthorisation',
             name='event',
-            field=models.OneToOneField(related_name='authorisation', to='RIGS.Event'),
+            field=models.OneToOneField(related_name='authorisation', to='RIGS.Event', on_delete=models.CASCADE),
         ),
     ]

RIGS/migrations/0029_eventauthorisation_sent_by.py

@@ -15,7 +15,7 @@ class Migration(migrations.Migration):
         migrations.AddField(
             model_name='eventauthorisation',
             name='sent_by',
-            field=models.ForeignKey(default=1, to=settings.AUTH_USER_MODEL),
+            field=models.ForeignKey(default=1, to=settings.AUTH_USER_MODEL, on_delete=models.CASCADE),
             preserve_default=False,
         ),
     ]

RIGS/migrations/0030_auth_request_sending.py

@@ -20,7 +20,7 @@ class Migration(migrations.Migration):
         migrations.AddField(
             model_name='event',
             name='auth_request_by',
-            field=models.ForeignKey(blank=True, to=settings.AUTH_USER_MODEL, null=True),
+            field=models.ForeignKey(blank=True, to=settings.AUTH_USER_MODEL, null=True, on_delete=models.CASCADE),
         ),
         migrations.AddField(
             model_name='event',

RIGS/migrations/0033_auto_20180325_0016.py

@@ -0,0 +1,18 @@
+# Generated by Django 2.0.3 on 2018-03-25 00:16
+
+from django.db import migrations, models
+
+
+class Migration(migrations.Migration):
+
+    dependencies = [
+        ('RIGS', '0032_auto_20170904_2355'),
+    ]
+
+    operations = [
+        migrations.AlterField(
+            model_name='profile',
+            name='last_name',
+            field=models.CharField(blank=True, max_length=150, verbose_name='last name'),
+        ),
+    ]

RIGS/migrations/0034_event_risk_assessment_edit_url.py

@@ -0,0 +1,18 @@
+# Generated by Django 2.0.5 on 2019-07-28 21:28
+
+from django.db import migrations, models
+
+
+class Migration(migrations.Migration):
+
+    dependencies = [
+        ('RIGS', '0033_auto_20180325_0016'),
+    ]
+
+    operations = [
+        migrations.AddField(
+            model_name='event',
+            name='risk_assessment_edit_url',
+            field=models.CharField(blank=True, max_length=255, null=True),
+        ),
+    ]

RIGS/models.py

@@ -18,7 +18,7 @@ from collections import Counter
 from decimal import Decimal
 
 from django.core.exceptions import ValidationError
-from django.core.urlresolvers import reverse_lazy
+from django.urls import reverse_lazy
 
 
 # Create your models here.
@@ -302,9 +302,9 @@ class Event(models.Model, RevisionMixin):
     )
 
     name = models.CharField(max_length=255)
-    person = models.ForeignKey('Person', null=True, blank=True)
+    person = models.ForeignKey('Person', null=True, blank=True, on_delete=models.CASCADE)
-    organisation = models.ForeignKey('Organisation', blank=True, null=True)
+    organisation = models.ForeignKey('Organisation', blank=True, null=True, on_delete=models.CASCADE)
-    venue = models.ForeignKey('Venue', blank=True, null=True)
+    venue = models.ForeignKey('Venue', blank=True, null=True, on_delete=models.CASCADE)
     description = models.TextField(blank=True, null=True)
     notes = models.TextField(blank=True, null=True)
     status = models.IntegerField(choices=EVENT_STATUS_CHOICES, default=PROVISIONAL)
@@ -323,9 +323,9 @@ class Event(models.Model, RevisionMixin):
     meet_info = models.CharField(max_length=255, blank=True, null=True)
 
     # Crew management
-    checked_in_by = models.ForeignKey(settings.AUTH_USER_MODEL, related_name='event_checked_in', blank=True, null=True)
+    checked_in_by = models.ForeignKey(settings.AUTH_USER_MODEL, related_name='event_checked_in', blank=True, null=True, on_delete=models.CASCADE)
     mic = models.ForeignKey(settings.AUTH_USER_MODEL, related_name='event_mic', blank=True, null=True,
-                            verbose_name="MIC")
+                            verbose_name="MIC", on_delete=models.CASCADE)
 
     # Monies
     payment_method = models.CharField(max_length=255, blank=True, null=True)
@@ -334,10 +334,13 @@ class Event(models.Model, RevisionMixin):
     collector = models.CharField(max_length=255, blank=True, null=True, verbose_name='collected by')
 
     # Authorisation request details
-    auth_request_by = models.ForeignKey('Profile', null=True, blank=True)
+    auth_request_by = models.ForeignKey('Profile', null=True, blank=True, on_delete=models.CASCADE)
     auth_request_at = models.DateTimeField(null=True, blank=True)
     auth_request_to = models.EmailField(null=True, blank=True)
 
+    # Risk assessment info
+    risk_assessment_edit_url = models.CharField(max_length=255, blank=True, null=True)
+
     # Calculated values
     """
     EX Vat
@@ -485,7 +488,7 @@ class Event(models.Model, RevisionMixin):
 
 
 class EventItem(models.Model):
-    event = models.ForeignKey('Event', related_name='items', blank=True)
+    event = models.ForeignKey('Event', related_name='items', blank=True, on_delete=models.CASCADE)
     name = models.CharField(max_length=255)
     description = models.TextField(blank=True, null=True)
     quantity = models.IntegerField()
@@ -504,8 +507,8 @@ class EventItem(models.Model):
 
 
 class EventCrew(models.Model):
-    event = models.ForeignKey('Event', related_name='crew')
+    event = models.ForeignKey('Event', related_name='crew', on_delete=models.CASCADE)
-    user = models.ForeignKey(settings.AUTH_USER_MODEL)
+    user = models.ForeignKey(settings.AUTH_USER_MODEL, on_delete=models.CASCADE)
     rig = models.BooleanField(default=False)
     run = models.BooleanField(default=False)
     derig = models.BooleanField(default=False)
@@ -514,13 +517,13 @@ class EventCrew(models.Model):
 
 @reversion.register
 class EventAuthorisation(models.Model, RevisionMixin):
-    event = models.OneToOneField('Event', related_name='authorisation')
+    event = models.OneToOneField('Event', related_name='authorisation', on_delete=models.CASCADE)
     email = models.EmailField()
     name = models.CharField(max_length=255)
     uni_id = models.CharField(max_length=10, blank=True, null=True, verbose_name="University ID")
     account_code = models.CharField(max_length=50, blank=True, null=True)
     amount = models.DecimalField(max_digits=10, decimal_places=2, verbose_name="authorisation amount")
-    sent_by = models.ForeignKey('RIGS.Profile')
+    sent_by = models.ForeignKey('RIGS.Profile', on_delete=models.CASCADE)
 
     def get_absolute_url(self):
         return reverse_lazy('event_detail', kwargs={'pk': self.event.pk})
@@ -532,7 +535,7 @@ class EventAuthorisation(models.Model, RevisionMixin):
 
 @python_2_unicode_compatible
 class Invoice(models.Model):
-    event = models.OneToOneField('Event')
+    event = models.OneToOneField('Event', on_delete=models.CASCADE)
     invoice_date = models.DateField(auto_now_add=True)
     void = models.BooleanField(default=False)
 
@@ -584,7 +587,7 @@ class Payment(models.Model):
         (ADJUSTMENT, 'TEC Adjustment'),
     )
 
-    invoice = models.ForeignKey('Invoice')
+    invoice = models.ForeignKey('Invoice', on_delete=models.CASCADE)
     date = models.DateField()
     amount = models.DecimalField(max_digits=10, decimal_places=2, help_text='Please use ex. VAT')
     method = models.CharField(max_length=2, choices=METHODS, null=True, blank=True)

RIGS/rigboard.py

@@ -6,18 +6,19 @@ import urllib.parse
 from django.contrib.staticfiles.storage import staticfiles_storage
 from django.core.mail import EmailMessage, EmailMultiAlternatives
 from django.views import generic
-from django.core.urlresolvers import reverse_lazy
+from django.urls import reverse_lazy
 from django.shortcuts import get_object_or_404
 from django.template import RequestContext
 from django.template.loader import get_template
 from django.conf import settings
-from django.core.urlresolvers import reverse
+from django.urls import reverse
 from django.core import signing
 from django.http import HttpResponse
 from django.core.exceptions import SuspiciousOperation
 from django.db.models import Q
 from django.contrib import messages
 from django.utils.decorators import method_decorator
+from django.views.decorators.csrf import csrf_exempt
 from z3c.rml import rml2pdf
 from PyPDF2 import PdfFileMerger, PdfFileReader
 import simplejson
@@ -80,6 +81,24 @@ class EventEmbed(EventDetail):
     template_name = 'RIGS/event_embed.html'
 
 
+class EventRA(generic.base.RedirectView):
+    permanent = False
+    def get_redirect_url(self, *args, **kwargs):
+        event = get_object_or_404(models.Event, pk=kwargs['pk'])
+
+        if event.risk_assessment_edit_url:
+            return event.risk_assessment_edit_url
+
+        params = {
+            'entry.708610078': f'N{event.pk:05}',
+            'entry.905899507': event.name,
+            'entry.139491562': event.venue.name if event.venue else '',
+            'entry.1689826056': event.start_date.strftime('%Y-%m-%d') + ((' - ' + event.end_date.strftime('%Y-%m-%d')) if event.end_date else ''),
+            'entry.902421165': event.mic.name if event.mic else ''
+        }
+        return settings.RISK_ASSESSMENT_URL + "?" + urllib.parse.urlencode(params)
+
+
 class EventCreate(generic.CreateView):
     model = models.Event
     form_class = forms.EventForm
@@ -138,7 +157,11 @@ class EventDuplicate(EventUpdate):
         old = super(EventDuplicate, self).get_object(queryset)  # Get the object (the event you're duplicating)
         new = copy.copy(old)  # Make a copy of the object in memory
         new.based_on = old  # Make the new event based on the old event
-        new.purchase_order = None
+        new.purchase_order = None  # Remove old PO
+
+        # Clear checked in by if it's a dry hire
+        if new.dry_hire is True:
+            new.checked_in_by = None
 
         # Remove all the authorisation information from the new event
         new.auth_request_to = None
@@ -340,8 +363,10 @@ class EventAuthorisationRequest(generic.FormView, generic.detail.SingleObjectMix
                 'sent_by': self.request.user.pk,
             }),
         }
-        if email == event.person.email:
+        if event.person is not None and email == event.person.email:
             context['to_name'] = event.person.name
+        elif event.organisation is not None and email == event.organisation.email:
+            context['to_name'] = event.organisation.name
 
         msg = EmailMultiAlternatives(
             "N%05d | %s - Event Authorisation Request" % (self.object.pk, self.object.name),
@@ -380,3 +405,26 @@ class EventAuthoriseRequestEmailPreview(generic.DetailView):
         })
         context['to_name'] = self.request.GET.get('to_name', None)
         return context
+
+@method_decorator(csrf_exempt, name='dispatch')
+class LogRiskAssessment(generic.View):
+    http_method_names = ["post"]
+
+    def post(self, request, **kwargs):
+        data = request.POST
+        shared_secret = data.get("secret")
+        edit_url = data.get("editUrl")
+        rig_number = data.get("rigNum")
+        if shared_secret is None or edit_url is None or rig_number is None:
+            return HttpResponse(status=422)
+
+        if shared_secret != settings.RISK_ASSESSMENT_SECRET:
+            return HttpResponse(status=403)
+
+        rig_number = int(re.sub("[^0-9]", "", rig_number))
+
+        event = get_object_or_404(models.Event, pk=rig_number)
+        event.risk_assessment_edit_url = edit_url
+        event.save()
+
+        return HttpResponse(status=200)

RIGS/signals.py

@@ -50,8 +50,10 @@ def send_eventauthorisation_success_email(instance):
         'object': instance,
     }
 
-    if instance.email == instance.event.person.email:
+    if instance.event.person is not None and instance.email == instance.event.person.email:
         context['to_name'] = instance.event.person.name
+    elif instance.event.organisation is not None and instance.email == instance.event.organisation.email:
+        context['to_name'] = instance.event.organisation.name
 
     subject = "N%05d | %s - Event Authorised" % (instance.event.pk, instance.event.name)
 
@@ -89,6 +91,10 @@ def send_eventauthorisation_success_email(instance):
     client_email.send(fail_silently=True)
     mic_email.send(fail_silently=True)
 
+    # Set event to booked now that it's authorised
+    instance.event.status = models.Event.BOOKED
+    instance.event.save()
+
 
 def on_revision_commit(sender, instance, created, **kwargs):
     if created:

RIGS/static/scss/screen.scss

@@ -149,16 +149,19 @@ ins {
 }
 
 html.embedded{
-  min-height:100%;
+  display: flex;
-  display: table;
+  flex-direction: column;
   width: 100%;
+  height: 100%;
+  max-height: 100%;
+  overflow: hidden;
+  justify-content: center;
 
   body{
     padding:0;
-    display: table-cell;
-    vertical-align: middle;
     width:100%;
     background:none;
+    overflow: scroll;
   }
 
   .embed_container{

RIGS/templates/RIGS/event_detail_buttons.html

@@ -3,6 +3,17 @@
             class="glyphicon glyphicon-edit"></span> <span
             class="hidden-xs">Edit</span></a>
     {% if event.is_rig %}
+        {% if not event.dry_hire %}
+            <a href="{% url 'event_ra' event.pk %}" class="btn btn-default
+                {% if event.risk_assessment_edit_url %}
+                    btn-success
+                {% else %}
+                    btn-warning
+                {% endif %}
+            "><span
+                class="glyphicon glyphicon-paperclip"></span> <span
+                class="hidden-xs">RA</span></a>
+        {% endif %}
         <a href="{% url 'event_print' event.pk %}" target="_blank" class="btn btn-default"><span
                 class="glyphicon glyphicon-print"></span> <span
                 class="hidden-xs">Print</span></a>

RIGS/templates/RIGS/index.html

@@ -27,7 +27,7 @@
                     <a class="list-group-item" href="//members.nottinghamtec.co.uk/wiki" target="_blank"><span class="glyphicon glyphicon-link"></span> TEC Wiki</a>
                     <a class="list-group-item" href="http://members.nottinghamtec.co.uk/wiki/images/2/22/Event_Risk_Assesment.pdf" target="_blank"><span class="glyphicon glyphicon-link"></span> Pre-Event Risk Assessment</a>
                     <a class="list-group-item" href="//members.nottinghamtec.co.uk/price" target="_blank"><span class="glyphicon glyphicon-link"></span> Price List</a>
-                    <a class="list-group-item" href="https://form.jotformeu.com/62203600438344" target="_blank"><span class="glyphicon glyphicon-link"></span> Subhire Insurance Form</a>
+                    <a class="list-group-item" href="https://goo.gl/forms/jdPWov8PCNPoXtbn2" target="_blank"><span class="glyphicon glyphicon-link"></span> Subhire Insurance Form</a>
                 
             </div>
         </div>

RIGS/templates/RIGS/invoice_detail.html

@@ -11,7 +11,7 @@
 
             <div class="col-sm-4 text-right">
                 <div class="btn-group btn-page">
-                <a href="{% url 'invoice_delete' object.pk %}" class="btn btn-default" title="Void Invoice">
+                <a href="{% url 'invoice_delete' object.pk %}" class="btn btn-default" title="Delete Invoice">
                     <span class="glyphicon glyphicon-remove"></span> <span
                             class="hidden-xs">Delete</span>
                 </a>
@@ -19,7 +19,7 @@
                     <span class="glyphicon glyphicon-ban-circle"></span> <span
                             class="hidden-xs">Void</span>
                 </a>
-                <a href="{% url 'invoice_print' object.pk %}" target="_blank" class="btn btn-default"><span
+                <a href="{% url 'invoice_print' object.pk %}" target="_blank" title="Print Invoice" class="btn btn-default"><span
                             class="glyphicon glyphicon-print"></span> <span
                             class="hidden-xs">Print</span></a>
                 </div>

RIGS/test_functional.py

@@ -18,7 +18,7 @@ from selenium.webdriver.support.ui import WebDriverWait
 from RIGS import models
 
 from reversion import revisions as reversion
-from django.core.urlresolvers import reverse
+from django.urls import reverse
 from django.core import mail, signing
 
 
@@ -32,6 +32,7 @@ def create_browser():
     options.add_argument("--window-size=1920,1080")
     if os.environ.get('CI', False):
         options.add_argument("--headless")
+        options.add_argument("--no-sandbox")
     driver = webdriver.Chrome(chrome_options=options)
     return driver
 

RIGS/test_unit.py

@@ -2,7 +2,7 @@ from datetime import date
 
 from django.core.exceptions import ObjectDoesNotExist
 from django.core.management import call_command
-from django.core.urlresolvers import reverse
+from django.urls import reverse
 from django.test import TestCase
 from django.test.utils import override_settings
 

RIGS/urls.py

@@ -101,6 +101,9 @@ urlpatterns = [
     url(r'^event/(?P<pk>\d+)/print/$',
         permission_required_with_403('RIGS.view_event')(rigboard.EventPrint.as_view()),
         name='event_print'),
+    url(r'^event/(?P<pk>\d+)/ra/$',
+        permission_required_with_403('RIGS.change_event')(rigboard.EventRA.as_view()),
+        name='event_ra'),
     url(r'^event/create/$',
         permission_required_with_403('RIGS.add_event')(rigboard.EventCreate.as_view()),
         name='event_create'),
@@ -185,6 +188,9 @@ urlpatterns = [
     url(r'^api/(?P<model>\w+)/(?P<pk>\d+)/$', login_required(views.SecureAPIRequest.as_view()),
         name="api_secure"),
 
+    # Risk assessment API
+    url(r'^log_risk_assessment/$', rigboard.LogRiskAssessment.as_view(), name='log_risk_assessment'),
+
     # Legacy URL's
     url(r'^rig/show/(?P<pk>\d+)/$',
         RedirectView.as_view(permanent=True, pattern_name='event_detail')),

RIGS/views.py

@@ -1,7 +1,7 @@
 from django.core.exceptions import PermissionDenied
 from django.http.response import HttpResponseRedirect
 from django.http import HttpResponse
-from django.core.urlresolvers import reverse_lazy, reverse, NoReverseMatch
+from django.urls import reverse_lazy, reverse, NoReverseMatch
 from django.views import generic
 from django.db.models import Q
 from django.shortcuts import get_object_or_404
@@ -34,7 +34,7 @@ class Index(generic.TemplateView):
 
 
 def login(request, **kwargs):
-    if request.user.is_authenticated():
+    if request.user.is_authenticated:
         next = request.GET.get('next', '/')
         return HttpResponseRedirect(next)
     else:
@@ -49,7 +49,7 @@ def login(request, **kwargs):
 # check for it before logging  the user in
 @csrf_exempt
 def login_embed(request, **kwargs):
-    if request.user.is_authenticated():
+    if request.user.is_authenticated:
         next = request.GET.get('next', '/')
         return HttpResponseRedirect(next)
     else:
@@ -62,7 +62,7 @@ def login_embed(request, **kwargs):
                 messages.warning(request, 'Cookies do not seem to be enabled. Try logging in using a new tab.')
                 request.method = 'GET'  # Render the page without trying to login
 
-        return login(request, template_name="registration/login_embed.html")
+        return login(request, template_name="registration/login_embed.html", authentication_form=forms.EmbeddedAuthenticationForm) 
 
 
 """

requirements.txt

@@ -1,37 +1,38 @@
 beautifulsoup4==4.6.0
 contextlib2==0.5.5
 diff-match-patch==20121119
-dj-database-url==0.4.2
+dj-database-url==0.5.0
 dj-static==0.0.6
-Django==1.11.5
+Django==2.0.13
-django-debug-toolbar==1.8
+django-debug-toolbar==1.9.1
 django-ical==1.4
-django-recaptcha==1.3.1
+django-recaptcha==1.4.0
-django-registration-redux==1.7
+django-registration-redux==2.4
-django-reversion==2.0.10
+django-reversion==2.0.13
 django-toolbelt==0.0.1
-premailer==3.1.1
+premailer==3.2.0
-django-widget-tweaks==1.4.1
+#django-widget-tweaks==1.4.1
-gunicorn==19.7.1
+git+git://github.com/jazzband/django-widget-tweaks.git@1.4.2
-icalendar==3.11.7
+gunicorn==19.8.1
-lxml==4.0.0
+icalendar==4.0.1
-Markdown==2.6.9
+lxml==4.2.1
-Pillow==4.2.1
+Markdown==2.6.11
-psycopg2==2.7.3.1
+Pillow==5.1.0
+psycopg2==2.7.4
 Pygments==2.2.0
 PyPDF2==1.26.0
-python-dateutil==2.6.1
+python-dateutil==2.7.3
-pytz==2017.2
+pytz==2018.4
-raven==6.2.1
+raven==6.8.0
 reportlab==3.4.0
-selenium==3.5.0
+selenium==3.12.0
-simplejson==3.11.1
+simplejson==3.15.0
 six==1.11.0
-sqlparse==0.2.3
+sqlparse==0.2.4
 static3==0.7.0
 svg2rlg==0.3
 yolk==0.4.3
-z3c.rml==3.2.0
+z3c.rml==3.5.0
 zope.event==4.3.0
-zope.interface==4.4.3
+zope.interface==4.5.0
-zope.schema==4.5.0
+zope.schema==4.5.0